bitwarden_rs 不支持 traefik v2.2(坏网关)
bitwarden_rs not working behind traefik v2.2 (Bad Gateway)
所以我正在尝试将 bitwarden_rs 添加到我的 docker 网络,但似乎很难成功。
我在 traefik (nextcloud.mydomain.com) 后面还有一个 nextcloud docker 容器 运行,它运行良好。但是将带有自己子域(bitwarden.mydomain.com)的bitwarden添加到traefik并不想开始工作。我总是收到 Bad Gateway 错误。
Traefik docker-compose
version: "3"
services:
traefik:
image: traefik:latest
container_name: traefik
restart: always
command:
- --log.level=DEBUG
- --api.insecure
- --api.dashboard
- --providers.file.directory=/FileProvider/
- --providers.file.watch=true
- --providers.docker
- --providers.docker.exposedbydefault=false
- --providers.docker.endpoint=unix:///var/run/docker.sock
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --certificatesresolvers.letsencryptresolver.acme.email=my@email.com
- --certificatesresolvers.letsencryptresolver.acme.storage=./letsencrypt/acme.json
- --certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web
- --certificatesresolvers.letsencryptresolver.acme.httpchallenge=true
ports:
- 80:80
- 443:443
- 8080:8080
volumes:
- ...
networks:
- local-lan
labels:
- --traefik.http.middlewares.https.redirectscheme.scheme=https
- --traefik.http.routers.https_redirect.middlewares=https
- --traefik.http.routers.https_redirect.rule=(Host(`bitwarden.mydomain.com`) || Host(`nextcloud.mydomain.com`))
- --traefik.http.routers.https_redirect.entrypoints=web
- --traefik.docker.network=local-lan
networks:
local-lan:
external: true
traefik 动态配置
middlewares:
ncHeader:
headers:
customResponseHeaders:
stsPreload: true
stsSeconds: 15552000
redirect:
redirectScheme:
scheme: https
bitwarden_rs docker-撰写
version: '3'
services:
bitwarden:
image: bitwardenrs/server:latest
container_name: bitwarden
restart: always
volumes:
- /home/reggi/bitwarden/data:/data
environment:
- WEBSOCKET_ENABLED=true
- WEB_VAULT_ENABLED=true
- SIGNUPS_ALLOWED=true
- ADMIN_TOKEN=xxxxxxxxxxx
ports:
- 3012:3012
- 4500:80
networks:
- local-lan
labels:
- traefik.enable=true
- traefik.docker.network=local-lan
- traefik.http.services.bitwarden-ui.loadbalancer.server.port=4500
- traefik.http.services.bitwarden-ui.loadbalancer.server.scheme=http
- traefik.http.routers.bitwarden-ui-https.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-https.entrypoints=websecure
- traefik.http.routers.bitwarden-ui-https.tls=true
- traefik.http.routers.bitwarden-ui-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-ui-https.service=bitwarden-ui@docker
- traefik.http.routers.bitwarden-ui-http.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-http.entrypoints=web
- traefik.http.routers.bitwarden-ui-http.service=bitwarden-ui@docker
- traefik.http.routers.bitwarden-websocket-https.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-https.entrypoints=websecure
- traefik.http.routers.bitwarden-websocket-https.tls=true
- traefik.http.routers.bitwarden-websocket-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-websocket-https.service=bitwarden-websocket
- traefik.http.routers.bitwarden-websocket-http.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-http.entrypoints=web
- traefik.http.routers.bitwarden-websocket-http.service=bitwarden-websocket
- traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012
networks:
local-lan:
external: true
两个容器都 运行 使用此配置没问题,但出于某种原因,当我导航到 http(s)://bitwarden.mydomain.com.
时出现错误网关
当我导航到我的服务器时 IP:4500 bitwarden 打开意味着 docker 容器 运行 正常。
在我的 traefik 日志中我可以找到这个错误:
time="2021-03-10T21:06:35Z" level=debug msg="'502 Bad Gateway' caused by: dial tcp 17.32.0.8:4500: connect: connection refused"
当我从 traefik 容器对 bitwarden 容器进行简单的卷曲时,我得到了同样的错误:
curl --verbose http://17.32.0.8:4500
例如,curl 到我的 nextcloud 容器确实有效:
我已经尝试了很多东西,但似乎无法弄明白。对于 nextcloud,我可以添加一个受信任的代理域,但如果我没记错的话,bitwarden_rs 似乎不可能。
- 添加网络标签没有帮助GitHub answer
- 使用这些配置标签也没有帮助GitHub answer
有人知道我遗漏了什么或做错了什么吗?
经过进一步调查,我发现了我的错误。
我不需要将端口 80 映射到您的 docker 网络之外,我只需要公开它。所以这现在有效:
version: '3'
services:
bitwarden:
image: bitwardenrs/server:latest
container_name: bitwarden
restart: always
volumes:
- /home/reggi/bitwarden/data:/data
environment:
- WEBSOCKET_ENABLED=true
- WEB_VAULT_ENABLED=true
- SIGNUPS_ALLOWED=true
- ADMIN_TOKEN=xxxxxxxxxxx
expose:
- 3012
- 80
networks:
- local-lan
labels:
- traefik.enable=true
- traefik.docker.network=local-lan
- traefik.http.services.bitwarden-ui.loadbalancer.server.port=4500
- traefik.http.services.bitwarden-ui.loadbalancer.server.scheme=http
- traefik.http.routers.bitwarden-ui-https.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-https.entrypoints=websecure
- traefik.http.routers.bitwarden-ui-https.tls=true
- traefik.http.routers.bitwarden-ui-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-ui-https.service=bitwarden-ui@docker
- traefik.http.routers.bitwarden-ui-http.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-http.entrypoints=web
- traefik.http.routers.bitwarden-ui-http.service=bitwarden-ui@docker
- traefik.http.routers.bitwarden-websocket-https.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-https.entrypoints=websecure
- traefik.http.routers.bitwarden-websocket-https.tls=true
- traefik.http.routers.bitwarden-websocket-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-websocket-https.service=bitwarden-websocket
- traefik.http.routers.bitwarden-websocket-http.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-http.entrypoints=web
- traefik.http.routers.bitwarden-websocket-http.service=bitwarden-websocket
- traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012
networks:
local-lan:
external: true
所以我正在尝试将 bitwarden_rs 添加到我的 docker 网络,但似乎很难成功。
我在 traefik (nextcloud.mydomain.com) 后面还有一个 nextcloud docker 容器 运行,它运行良好。但是将带有自己子域(bitwarden.mydomain.com)的bitwarden添加到traefik并不想开始工作。我总是收到 Bad Gateway 错误。
Traefik docker-compose
version: "3"
services:
traefik:
image: traefik:latest
container_name: traefik
restart: always
command:
- --log.level=DEBUG
- --api.insecure
- --api.dashboard
- --providers.file.directory=/FileProvider/
- --providers.file.watch=true
- --providers.docker
- --providers.docker.exposedbydefault=false
- --providers.docker.endpoint=unix:///var/run/docker.sock
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --certificatesresolvers.letsencryptresolver.acme.email=my@email.com
- --certificatesresolvers.letsencryptresolver.acme.storage=./letsencrypt/acme.json
- --certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web
- --certificatesresolvers.letsencryptresolver.acme.httpchallenge=true
ports:
- 80:80
- 443:443
- 8080:8080
volumes:
- ...
networks:
- local-lan
labels:
- --traefik.http.middlewares.https.redirectscheme.scheme=https
- --traefik.http.routers.https_redirect.middlewares=https
- --traefik.http.routers.https_redirect.rule=(Host(`bitwarden.mydomain.com`) || Host(`nextcloud.mydomain.com`))
- --traefik.http.routers.https_redirect.entrypoints=web
- --traefik.docker.network=local-lan
networks:
local-lan:
external: true
traefik 动态配置
middlewares:
ncHeader:
headers:
customResponseHeaders:
stsPreload: true
stsSeconds: 15552000
redirect:
redirectScheme:
scheme: https
bitwarden_rs docker-撰写
version: '3'
services:
bitwarden:
image: bitwardenrs/server:latest
container_name: bitwarden
restart: always
volumes:
- /home/reggi/bitwarden/data:/data
environment:
- WEBSOCKET_ENABLED=true
- WEB_VAULT_ENABLED=true
- SIGNUPS_ALLOWED=true
- ADMIN_TOKEN=xxxxxxxxxxx
ports:
- 3012:3012
- 4500:80
networks:
- local-lan
labels:
- traefik.enable=true
- traefik.docker.network=local-lan
- traefik.http.services.bitwarden-ui.loadbalancer.server.port=4500
- traefik.http.services.bitwarden-ui.loadbalancer.server.scheme=http
- traefik.http.routers.bitwarden-ui-https.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-https.entrypoints=websecure
- traefik.http.routers.bitwarden-ui-https.tls=true
- traefik.http.routers.bitwarden-ui-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-ui-https.service=bitwarden-ui@docker
- traefik.http.routers.bitwarden-ui-http.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-http.entrypoints=web
- traefik.http.routers.bitwarden-ui-http.service=bitwarden-ui@docker
- traefik.http.routers.bitwarden-websocket-https.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-https.entrypoints=websecure
- traefik.http.routers.bitwarden-websocket-https.tls=true
- traefik.http.routers.bitwarden-websocket-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-websocket-https.service=bitwarden-websocket
- traefik.http.routers.bitwarden-websocket-http.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-http.entrypoints=web
- traefik.http.routers.bitwarden-websocket-http.service=bitwarden-websocket
- traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012
networks:
local-lan:
external: true
两个容器都 运行 使用此配置没问题,但出于某种原因,当我导航到 http(s)://bitwarden.mydomain.com.
时出现错误网关当我导航到我的服务器时 IP:4500 bitwarden 打开意味着 docker 容器 运行 正常。
在我的 traefik 日志中我可以找到这个错误:
time="2021-03-10T21:06:35Z" level=debug msg="'502 Bad Gateway' caused by: dial tcp 17.32.0.8:4500: connect: connection refused"
当我从 traefik 容器对 bitwarden 容器进行简单的卷曲时,我得到了同样的错误:
curl --verbose http://17.32.0.8:4500
例如,curl 到我的 nextcloud 容器确实有效:
我已经尝试了很多东西,但似乎无法弄明白。对于 nextcloud,我可以添加一个受信任的代理域,但如果我没记错的话,bitwarden_rs 似乎不可能。
- 添加网络标签没有帮助GitHub answer
- 使用这些配置标签也没有帮助GitHub answer
有人知道我遗漏了什么或做错了什么吗?
经过进一步调查,我发现了我的错误。
我不需要将端口 80 映射到您的 docker 网络之外,我只需要公开它。所以这现在有效:
version: '3'
services:
bitwarden:
image: bitwardenrs/server:latest
container_name: bitwarden
restart: always
volumes:
- /home/reggi/bitwarden/data:/data
environment:
- WEBSOCKET_ENABLED=true
- WEB_VAULT_ENABLED=true
- SIGNUPS_ALLOWED=true
- ADMIN_TOKEN=xxxxxxxxxxx
expose:
- 3012
- 80
networks:
- local-lan
labels:
- traefik.enable=true
- traefik.docker.network=local-lan
- traefik.http.services.bitwarden-ui.loadbalancer.server.port=4500
- traefik.http.services.bitwarden-ui.loadbalancer.server.scheme=http
- traefik.http.routers.bitwarden-ui-https.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-https.entrypoints=websecure
- traefik.http.routers.bitwarden-ui-https.tls=true
- traefik.http.routers.bitwarden-ui-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-ui-https.service=bitwarden-ui@docker
- traefik.http.routers.bitwarden-ui-http.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-http.entrypoints=web
- traefik.http.routers.bitwarden-ui-http.service=bitwarden-ui@docker
- traefik.http.routers.bitwarden-websocket-https.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-https.entrypoints=websecure
- traefik.http.routers.bitwarden-websocket-https.tls=true
- traefik.http.routers.bitwarden-websocket-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-websocket-https.service=bitwarden-websocket
- traefik.http.routers.bitwarden-websocket-http.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-http.entrypoints=web
- traefik.http.routers.bitwarden-websocket-http.service=bitwarden-websocket
- traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012
networks:
local-lan:
external: true